U.S. Critical Infrastructure Continue to Make Risky IT Bets

When the term “critical infrastructure” is mentioned in conversation, thoughts immediately turn to things like electrical power plants, oil and gas pipelines, food, water, etc. You know, the foundational services of modern life that we all take for granted. These are the same industries that former Defense Secretary, Leon Panetta, was referring to when he warned of the possibility of a “cyber-Pearl Harbor” back in 2012.  Panetta stated:’An aggressor nation or extremist group could use these kinds of cyber tools to gain control of critical (railroad) switches…they could derail passenger trains or even more dangerous, derail passenger trains loaded with lethal chemicals. They could contaminate the water supply in major cities or shut down the power grid across large parts of the country.”  To read this article in full or to leave a comment, please click here

Arista adds security to cloud software

Arista Networks this week extended its controller software with the ability to activate firewalls and application delivery controllers for workloads and workflows across its switches.The company’s Macro-Segmentation Services (MSS) is a feature of the company’s CloudVision software, which maintains a database of network state. MSS works across Layer 2 and 3 topologies and network virtualization overlays to insert security services for data centers with physical and virtualized workloads, extending the separate capabilities of virtualization hypervisors with micro-segmentation, and physical firewalls.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Counter cybersecurity threats with a human-machine dual strategy

Earlier this year, the 3.5-hour outage at the New York Stock Exchange (NYSE) raised a lot of eyebrows in the IT community. Opinions about the cause of this outage, including my own, came out of the woodwork despite official statements claiming "technical issues" following a software update. I have to ask: Would the NYSE really perform a software update on a production system first thing Wednesday morning?While I can't rule out a hack on the NYSE, the situation sparks another discussion: Was human error to blame?To read this article in full or to leave a comment, please click here

How to chat up Department of Homeland Security about DDoS attacks

The Department of Homeland Security's Science & Technology Directorate later this month will hold an hour-long Twitter chat to discuss the United States' plan to protect its networks against distributed denial-of-service attacks.The US, along with China, are the top targets for those who would disrupt networked machines and networks by bombarding them with traffic, according to security vendor Kaspersky Lab.You're invited to join @dhsscitech on Wednesday, Oct. 21 from noon to 1 p.m. EST for the conversation. Submit questions and comments about DDoS before, during or after the chat and use the #STTechTalk hashtag to engage in the discussion.To read this article in full or to leave a comment, please click here

Gartner’s top 10 emerging trends

ORLANDO -- The No. 1 problem, or trend, facing IT departments today is nonstop demand, according to Gartner. As more devices connect to the Internet, the need for more computing capability, storage and networking is increasing at a rapid rate.For instance, 39 million terabytes of storage is currently deployed globally; by 2019, that figure will more than double to 89 million terabytes.The demand for data center capacity is "relentless," said David Cappuccio, and is creating problems for IT. "It's not about how many systems I have, it's how efficiently I use that resource."To read this article in full or to leave a comment, please click here

5 tips for better enterprise security

The recent spate of data breaches at major U.S. organizations has raised questions about how effective current security tools and approaches are when it comes to dealing with emerging threats. Private and public enterprises have spent tens of billions of dollars to bolster security over the past decade, yet malicious attackers consistently succeed in evading whatever roadblocks are thrown their way. The trend has led many organizations to embrace a back-to-basics approach focused equally on people, processes and technology. Rather than viewing the security function as a bothersome cost of doing business, a growing number of organizations see it as a strategic enabler of new initiatives.To read this article in full or to leave a comment, please click here(Insider Story)

Doom or delight? Court ruling on Safe Harbor brings uncertainty to privacy dealings

Privacy activists are overjoyed, but for businesses it's what one lobbyist described, only half jokingly, as "the doomsday scenario:" The transatlantic transfer of European Union citizens' personal data was thrown into a legal void Tuesday when the Court of Justice of the EU declared invalid the 15-year-old Safe Harbor agreement with the U.S. because it provided inadequate privacy protection.The ruling exposes businesses reliant on Safe Harbor to the threat of legal action. The fact that European Commission and U.S. officials are in the middle of negotiating stronger privacy protections offers little comfort, as the ruling also opens that to challenges in national courts. Only a complete rewrite of the EU's data protection regime, already in progress, might help -- but it won't take effect for up to two years after the final text is agreed, and that is still many months off.To read this article in full or to leave a comment, please click here

Security in Cloud Networking

Enterprises are grappling with security in their infrastructure and many point products try to solve this in different use -cases. As enterprises migrate from north-south to east-west traffic patterns, the need for consistent security across cloud-network and firewall infrastructure is paramount. Furthermore, additional security concerns emerge as organizations contemplate leveraging access to the public cloud...
Continue reading »

IP camera makers pressure researcher to cancel security talk

An upcoming talk covering security problems in Internet-connected cameras has been canceled after opposition from some manufacturers.Gianni Gnesa was scheduled to give a presentation titled "Abusing Network Surveillance Cameras" on Oct. 14 at the Hack in the Box GSEC conference in Singapore.Internet-connected video camera, or IP cameras, are widely used for security systems, offering the advantage that footage can be streamed anywhere remotely. But anything connected to the Internet poses risks if not properly secured. IP cameras, like this one made by Shenzhen Shixin Digital, are widely used in the security industry.To read this article in full or to leave a comment, please click here

1 3,236 3,237 3,238 3,239 3,240 3,780